Creating a Comprehensive Vulnerability Assessment Program for a Large Company Using QualysGuard
An interesting paper by Tim Proffitt titled “Creating a Comprehensive Vulnerability Assessment Program for a Large Company Using QualysGuard”:
Vulnerability Assessment, according to wikipedia.org, is the process of
identifying and quantifying vulnerabilities in a system. Vulnerability assessment
can be used against many different types of systems such as a home security
alarm, the protection of a nuclear power plant or a military outpost. Note that
vulnerability assessment is different from risk assessments even though they share
some of the same commonalities. Vulnerability Assessment concerns itself with
the identification of vulnerabilities, the possibilities of reducing those
vulnerabilities and improving the capacity to manage future incidents. This paper
will focus primarily on vulnerability assessment as it pertains to information
technology infrastructure and how utilizing QualysGuard can ease the burden on
your technology staff.
With today’s global marketplace, companies cannot afford to tarnish their
reputation with a public security incident. Corporations can suffer major financial
losses if a security incident is encountered in the business. The fear of revenue
loss should motivate companies to begin taking proactive measures against
vulnerabilities in their infrastructure. The concept of vulnerability assessment is a
critical process that should be followed in any organization as a way to identify,
assess and respond to new vulnerabilities before those vulnerabilities become a
threat.
To obtain a copy of this paper, you can find it here at the SANS Reading Room.